Filtered by vendor Canonical
Subscribe
Total
4187 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-12976 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2023-02-23 | 4.3 MEDIUM | 5.5 MEDIUM |
| ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c. | |||||
| CVE-2019-12975 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2023-02-23 | 4.3 MEDIUM | 5.5 MEDIUM |
| ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c. | |||||
| CVE-2019-10649 | 3 Canonical, Debian, Imagemagick | 3 Ubuntu Linux, Debian Linux, Imagemagick | 2023-02-23 | 4.3 MEDIUM | 5.5 MEDIUM |
| In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file. | |||||
| CVE-2019-13309 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2023-02-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c. | |||||
| CVE-2019-13311 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2023-02-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error. | |||||
| CVE-2020-6812 | 2 Canonical, Mozilla | 4 Ubuntu Linux, Firefox, Firefox Esr and 1 more | 2023-02-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| The first time AirPods are connected to an iPhone, they become named after the user's name by default (e.g. Jane Doe's AirPods.) Websites with camera or microphone permission are able to enumerate device names, disclosing the user's name. To resolve this issue, Firefox added a special case that renames devices containing the substring 'AirPods' to simply 'AirPods'. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6. | |||||
| CVE-2020-8184 | 3 Canonical, Debian, Rack Project | 3 Ubuntu Linux, Debian Linux, Rack | 2023-02-16 | 5.0 MEDIUM | 7.5 HIGH |
| A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix. | |||||
| CVE-2016-4794 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2023-02-16 | 7.2 HIGH | 7.8 HIGH |
| Use-after-free vulnerability in mm/percpu.c in the Linux kernel through 4.6 allows local users to cause a denial of service (BUG) or possibly have unspecified other impact via crafted use of the mmap and bpf system calls. | |||||
| CVE-2018-14633 | 4 Canonical, Debian, Linux and 1 more | 8 Ubuntu Linux, Debian Linux, Linux Kernel and 5 more | 2023-02-14 | 8.3 HIGH | 7.0 HIGH |
| A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. Kernel versions 4.18.x, 4.14.x and 3.10.x are believed to be vulnerable. | |||||
| CVE-2009-4484 | 5 Canonical, Debian, Mariadb and 2 more | 5 Ubuntu Linux, Debian Linux, Mariadb and 2 more | 2023-02-14 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a. | |||||
| CVE-2017-7889 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2023-02-14 | 7.2 HIGH | 7.8 HIGH |
| The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c. | |||||
| CVE-2019-16391 | 3 Canonical, Debian, Spip | 3 Ubuntu Linux, Debian Linux, Spip | 2023-02-13 | 4.0 MEDIUM | 6.5 MEDIUM |
| SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published content and execute other modifications in the database. This is related to ecrire/inc/meta.php and ecrire/inc/securiser_action.php. | |||||
| CVE-2019-16392 | 3 Canonical, Debian, Spip | 3 Ubuntu Linux, Debian Linux, Spip | 2023-02-13 | 4.3 MEDIUM | 6.1 MEDIUM |
| SPIP before 3.1.11 and 3.2 before 3.2.5 allows prive/formulaires/login.php XSS via error messages. | |||||
| CVE-2019-16393 | 3 Canonical, Debian, Spip | 3 Ubuntu Linux, Debian Linux, Spip | 2023-02-13 | 5.8 MEDIUM | 6.1 MEDIUM |
| SPIP before 3.1.11 and 3.2 before 3.2.5 mishandles redirect URLs in ecrire/inc/headers.php with a %0D, %0A, or %20 character. | |||||
| CVE-2018-1118 | 4 Canonical, Debian, Linux and 1 more | 7 Ubuntu Linux, Debian Linux, Linux Kernel and 4 more | 2023-02-13 | 2.1 LOW | 5.5 MEDIUM |
| Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file. | |||||
| CVE-2018-1094 | 3 Canonical, Linux, Redhat | 5 Ubuntu Linux, Linux Kernel, Enterprise Linux Desktop and 2 more | 2023-02-13 | 7.1 HIGH | 5.5 MEDIUM |
| The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted ext4 image. | |||||
| CVE-2018-16866 | 5 Canonical, Debian, Netapp and 2 more | 21 Ubuntu Linux, Debian Linux, Active Iq Performance Analytics Services and 18 more | 2023-02-13 | 2.1 LOW | 3.3 LOW |
| An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable. | |||||
| CVE-2018-16865 | 5 Canonical, Debian, Oracle and 2 more | 11 Ubuntu Linux, Debian Linux, Communications Session Border Controller and 8 more | 2023-02-13 | 4.6 MEDIUM | 7.8 HIGH |
| An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable. | |||||
| CVE-2018-16864 | 5 Canonical, Debian, Oracle and 2 more | 11 Ubuntu Linux, Debian Linux, Communications Session Border Controller and 8 more | 2023-02-13 | 4.6 MEDIUM | 7.8 HIGH |
| An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable. | |||||
| CVE-2018-14634 | 4 Canonical, Linux, Netapp and 1 more | 9 Ubuntu Linux, Linux Kernel, Active Iq Performance Analytics Services and 6 more | 2023-02-13 | 7.2 HIGH | 7.8 HIGH |
| An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable. | |||||